seccomp: use lxc_log_get_level()

This will now enable LXD users to dump the seccomp filter in the log when
logging at TRACE level.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index 9ea0ba9abb795618a5b0ea0a8707b42a82d61f26..53614a49601100a453d9fed6528bc94ff4283e72 100644 (file)
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1260,14 +1260,16 @@ int lxc_seccomp_load(struct lxc_conf *conf)
 /* After load seccomp filter into the kernel successfully, export the current seccomp
  * filter to log file */
 #if HAVE_SCMP_FILTER_CTX
-       if ((lxc_log_get_level() <= LXC_LOG_LEVEL_TRACE ||
-            conf->loglevel <= LXC_LOG_LEVEL_TRACE) &&
-            lxc_log_get_fd() >= 0) {
-               ret = seccomp_export_pfc(conf->seccomp.seccomp_ctx, lxc_log_fd);
-               /* Just give an warning when export error */
-               if (ret < 0) {
-                       errno = -ret;
-                       SYSWARN("Failed to export seccomp filter to log file");
+       if (lxc_log_get_level() <= LXC_LOG_LEVEL_TRACE) {
+               int fd_log;
+
+               fd_log = lxc_log_get_fd();
+               if (fd_log >= 0) {
+                       ret = seccomp_export_pfc(conf->seccomp.seccomp_ctx, fd_log);
+                       if (ret < 0) {
+                               errno = -ret;
+                               SYSWARN("Failed to export seccomp filter to log file");
+                       }
                }
        }
 #endif